can not connect to mysql when has special chars '@' in passwords · Issue #8327

link管理

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

Describe the bug

After the version is upgraded from 1.3.19 to 1.4.39 , if the password contains the @ symbol, the database connection will fail. it works well in version 1.3.19 .

To Reproduce

pip3 install sqlalchemy==1.4.39

from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker
from sqlalchemy.ext.declarative import declarative_base
def get_mysql_pool(user,
                   passwd,
                   host,
                   port,
                   database,
                   recycle_rate=1800,
                   pool_size=32,
                   max_overflow=64):
    declarative_base()
    sqlalchemy_database = f"mysql+pymysql://{user}:{passwd}@{host}:{port}/{database}"
    engine = create_engine(sqlalchemy_database,
                           pool_recycle=recycle_rate,
                           pool_size=pool_size,
                           max_overflow=max_overflow)
    return sessionmaker(autocommit=True, autoflush=True, bind=engine)

Change a password that contains an @ symbol, it will reproduce.

Error

sqlalchemy.exc.OperationalError: (pymysql.err.OperationalError) (2003, "Can't connect to MySQL server on '[email protected]' ([Errno -2] Name or service not known)")
Versions
OS: Centos 7.2
Python: 3.6.8
SQLAlchemy: 1.4.39
Database:  MySQL
DBAPI (eg: psycopg, cx_oracle, mysqlclient): mysqlclient
Hi. Special characters need to be escalated. See also https://github.com/sqlalchemy/sqlalchemy/issues?q=+label%3A%22%40+in+password%22+

@zzzeek @CaselIT
Through version-by-version testing, it was found that this problem was introduced in version 1.4.16, and 1.4.15 did not have this problem.
[engine] [bug] Fixed issue where an @ sign in the database portion of a URL would not

be interpreted correctly if the URL also had a username:password section.
#6482
it's a fix that was in 1.4.16, so that database names with @ signs in them would parse correctly. @ signs in passwords should never have worked. we've just been waiting for months for people to stop upgrading and having this issue.
Well, I thought it was impossible to have the @ sign in the hostname or database name.
Hi. Special characters need to be escalated. See also https://github.com/sqlalchemy/sqlalchemy/issues?q=+label%3A%22%40+in+password%22+

@zzzeek @CaselIT
Through version-by-version testing, it was found that this problem was introduced in version 1.4.16, and 1.4.15 did not have this problem.
[engine] [bug] Fixed issue where an @ sign in the database portion of a URL would not

be interpreted correctly if the URL also had a username:password section.
#6482
Please note that the documentation has always said that special characters should be escalated
    expected behavior
  that's how it's meant to work.  consider the "documentation" label in addition
    @ (or other chars) in password
  please escape non-alphanumeric characters in passwords